Oracle pushes emergency fix for critical Identity Manager RCE flaw

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992.

Microsoft Issues Emergency Patch for Critical Windows 11 RRAS Vulnerabilities

Microsoft releases an out-of-band hotpatch for critical Windows 11 RRAS vulnerabilities that could allow remote code ...
CSO Online

Telnet vulnerability opens door to remote code execution as root

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full compromise.
Que.com on MSN

CVE-2026-32746 telnetd flaw enables unauthenticated root remote code execution

A newly disclosed vulnerability tracked as CVE-2026-32746 has put a spotlight back on a service most security teams would rather ...
The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.
Bleeping Computer

Trend Micro warns of critical Apex One code execution flaws

Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex One is ...
The Hacker News

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.